Skip to main content

Online Privacy: Citi Virtual Cards.

I really like Citi's Virtual card concept. With this service, you never have to give out your real credit card number online. Citi provides you with a tool that can generate a virtual credit card number. You use it for any merchant online. The card number is totally random. Cannot be traced back to original card number.

The Tool is of two types. You can download and install it (a flash based *application* - NOT an air app - WHY?) or your can launch in a browser. The install variant is only available for windows (has a specific installer works only on PC). For macs and *nix, You have use the launcher.

NOTE: Donot use Virtual Account Numbers for purchases that require you to show your credit card at time of pick-up (e.g., movie tickets, etc.). I fell in that trap twice. You can talk to the manager, but hey, why the hassle?

Now, Why am I, a developer, taking special interest in promoting this? Apart from the general push for privacy, I want to show how poorly designed is the access to this virtual card system. For some reason, to access the laucher, you have to access your login - first. And the link to launch is another couple of clicks and steps. The lunched app (same flash app as the installable variant), again asks you to login.

  • First of all, the citicards.com home page has a *critical* bug on linux. The page loads with a transparent help overlay flash (has no reason to be there) - preventing you to enter the username password. The only work around is to use firebug to delete that element or write a grease monkey script
  • Having to log into my account: This is crazy. All this only to open the popup.You are shopping online. Just about to check out a hot deal. Boom. You are slowed down to a snail.
  • The page could have been a simple link/button on the dashboard, but they just take you round and round on a roller coaster ride
  • The development could easily transform the flash install type. to an air app. Had it been so, you can even get it in *nix, mac

But the simplest solution of all is to get that link and open it yourself. To demonstrate this, I quickly copied the popup js code from the account page. See how easy it is to launch. click in the image below.

Popular posts from this blog

Powered By

As it goes, We ought to give thanks to people who power us. This page will be updated, like the version page , to show all the tools, and people this site is Powered By! Ubuntu GIMP Firebug Blogger Google [AppEngine, Ajax and other Apis] AddtoAny Project Fondue jQuery

Decorator for Memcache Get/Set in python

I have suggested some time back that you could modularize and stitch together fragments of js and css to spit out in one HTTP connection. That makes the page load faster. I also indicated that there ways to tune them by adding cache-control headers. On the server-side however, you could have a memcache layer on the stitching operation. This saves a lot of Resources (CPU) on your server. I will demonstrate this using a python script I use currently on my site to generate the combined js and css fragments. So My stitching method is like this @memize(region="jscss") def joinAndPut(files, ext): res = files.split("/") o = StringIO.StringIO() for f in res: writeFileTo(o, ext + "/" + f + "." + ext) #writes file out ret = o.getvalue() o.close() return ret; The method joinAndPut is * decorated * by memize. What this means is, all calls to joinAndPut are now wrapped (at runtime) with the logic in memize. All you wa...

Faster webpages with fewer CSS and JS

Its easy, have lesser images, css and js files. I will cover reducing number of images in another post. But If you are like me, You always write js and css in a modular fashion. Grouping functions and classes into smaller files (and Following the DRY rule, Strictly!). But what happens is, when you start writing a page to have these css and js files, you are putting them in muliple link rel=style-sheet or script tags. Your server is being hit by (same) number of HTTP Requests for each page call. At this point, its not the size of files but the number server roundtrips on a page that slows your page down. Yslow shows how many server roundtrips happen for css and js. If you have more than one css call and one js call, You are not using your server well. How do you achieve this? By concatinating them and spitting out the content as one stream. So Lets say I have util.js, blog.js and so.js. If I have a blog template that depends on these three, I would call them in three script tags. Wh...